<?php namespace App\Http\Controllers\Api\V1; | |
use App\Http\Controllers\Controller; | |
use App\Http\Requests; | |
use Illuminate\Http\Request; | |
use Tymon\JWTAuth\Facades\JWTAuth; | |
use Tymon\JWTAuth\Exceptions\JWTException; | |
class AuthenticateController extends Controller
{
    /**
     * Exchange an email/password pair for a signed JWT.
     *
     * Responses produced here:
     *  - 200 with {"token": "..."} when JWTAuth::attempt() yields a token,
     *  - 401 with {"error": "invalid_credentials"} when it yields a falsy value,
     *  - 500 with {"error": "could_not_create_token"} when it throws JWTException.
     *
     * The 401 body is the same for every rejected login, so the response does
     * not tell a client which part of the credential pair was wrong.
     *
     * NOTE(review): nothing in this action validates that 'email' and
     * 'password' are present or are plain strings, and no throttling is
     * visible here; confirm both are enforced elsewhere (form request,
     * middleware or the auth provider) before exposing the route.
     *
     * @param Request $request
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function authenticate(Request $request)
    {
        // Only these two request fields are forwarded to the auth provider.
        $loginFields = $request->only('email', 'password');

        try {
            $token = JWTAuth::attempt($loginFields);
        } catch (JWTException $e) {
            // Credential checking did not fail; building the token did.
            return response()->json(['error' => 'could_not_create_token'], 500);
        }

        if (!$token) {
            return response()->json(['error' => 'invalid_credentials'], 401);
        }

        return response()->json(['token' => $token]);
    }
}
<?php | |
return [

    /*
     * Signing secret.
     *
     * Used to sign every token. Generate one with `php artisan jwt:generate`
     * and supply it through the JWT_SECRET environment variable.
     *
     * NOTE(review): when JWT_SECRET is not set this falls back to the fixed
     * placeholder below. With a symmetric algorithm such as the HS256
     * configured further down, whoever knows the secret can produce tokens
     * that verify, so treat a missing JWT_SECRET as a deployment error
     * rather than relying on the fallback.
     */
    'secret' => env('JWT_SECRET', 'changeme'),

    /*
     * Token lifetime, in minutes. 60 = one hour.
     */
    'ttl' => 60,

    /*
     * Refresh window, in minutes. 20160 = two weeks.
     *
     * A token can be refreshed until this long after the original token was
     * created; after that the user has to authenticate again. A leaked token
     * stays refreshable for the same window unless it is invalidated through
     * the blacklist.
     */
    'refresh_ttl' => 20160,

    /*
     * Algorithm used to sign the token.
     *
     * Possible values are listed at
     * https://github.com/namshi/jose/tree/2.2.0/src/Namshi/JOSE/Signer
     */
    'algo' => 'HS256',

    /*
     * Fully qualified class name of the User model,
     * e.g. 'Acme\Entities\User'.
     */
    'user' => 'App\User',

    /*
     * Unique user property that is written into the token payload
     * as the 'sub' claim.
     */
    'identifier' => 'id',

    /*
     * Claims every token must carry. A TokenInvalidException is thrown when
     * any of them is missing from the payload.
     */
    'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'],

    /*
     * Token invalidation requires the blacklist. Set this to false only if
     * tokens never need to be invalidated before they expire.
     */
    'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),

    /*
     * Providers used throughout the package.
     */
    'providers' => [

        // Looks the user up from the subject claim.
        'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter',

        // Creates and decodes the tokens.
        'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter',

        // Authenticates users; here the Sentinel-backed adapter instead of
        // the package default.
        'auth' => function ($app) {
            return new \App\Http\Repositories\Auth\SentinelAuthAdapter($app['auth']);
        },

        // Stores blacklisted tokens in the application cache.
        // NOTE(review): blacklist entries presumably last only as long as the
        // cache store keeps them; confirm the configured cache driver is
        // persistent enough for token invalidation to hold.
        'storage' => function ($app) {
            return new \Tymon\JWTAuth\Providers\Storage\IlluminateCacheAdapter($app['cache']);
        },

    ],

];
<?php namespace App\Http\Repositories\Auth; | |
use Exception; | |
use Cartalyst\Sentinel\Laravel\Facades\Sentinel; | |
use Cartalyst\Sentinel\Users\UserInterface; | |
use Tymon\JWTAuth\Providers\Auth\AuthInterface; | |
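class SentinelAuthAdapter implements AuthInterface
{
    /**
     * Check a user's credentials through Sentinel.
     *
     * Every Exception raised during the attempt is reported as a plain
     * failure, so the caller cannot tell a wrong password from any other
     * rejection.
     *
     * NOTE(review): Sentinel presumably signals some rejected logins by
     * throwing; those are folded into false here as well. Confirm that a
     * single generic failure is the intended client-facing behaviour.
     *
     * @param array $credentials
     * @return bool
     */
    public function byCredentials(array $credentials = [])
    {
        try {
            return Sentinel::authenticate($credentials) instanceof UserInterface;
        } catch (Exception $e) {
            return false;
        }
    }

    /**
     * Authenticate a user via the id
     *
     * Returns false when no user matches the id, when Sentinel does not
     * report a logged-in user afterwards, or when an Exception is raised.
     *
     * NOTE(review): Sentinel::login() presumably establishes a Sentinel login
     * state on every call; for a token-based API confirm that this is wanted.
     *
     * @param mixed $id
     * @return bool
     */
    public function byId($id)
    {
        try {
            $user = Sentinel::findById($id);

            // An unknown id may yield no user. Stop here instead of handing a
            // non-user to login(): on PHP 7+ the resulting TypeError is not an
            // Exception and would escape the catch below.
            if (!$user instanceof UserInterface) {
                return false;
            }

            Sentinel::login($user);

            return (bool) Sentinel::check();
        } catch (Exception $e) {
            return false;
        }
    }

    /**
     * Get the currently authenticated user
     *
     * @return mixed whatever Sentinel::getUser() returns
     */
    public function user()
    {
        return Sentinel::getUser();
    }
}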
Thanks, this helped a lot 👍 If I log out from Sentinel, how do I invalidate the JWT token automatically?
Thanks @iolson
@iolson how would you return user "not activated" message or wrong password message .... i am having some difficulty doing that
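/**
 * Check a user's credentials through Sentry.
 *
 * Always returns a strict boolean. The adapter contract shown on this page
 * documents byCredentials() as returning bool. A JSON response object
 * returned from a catch branch is still an object and therefore truthy, so a
 * caller that only tests the result for truthiness would read "not activated"
 * or "wrong password" as a successful check.
 *
 * The specific reason is best recorded server-side. Sending distinct
 * "not_activated" / "wrong_password" errors to the client also tells it which
 * accounts exist, so the client-facing error should stay generic.
 *
 * Exceptions other than the two caught below propagate to the caller.
 *
 * @param array $credentials
 * @return bool
 */
public function byCredentials(array $credentials = [])
{
    try {
        return (bool) Sentry::authenticate($credentials);
    } catch (\Cartalyst\Sentry\Users\UserNotActivatedException $e) {
        // Known account that is not activated: a failed check, not a response.
        return false;
    } catch (\Cartalyst\Sentry\Users\WrongPasswordException $e) {
        // Wrong password: a failed check, not a response.
        return false;
    }
}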
Hello, can i get little help? Where is SentinelAuthAdapter.php or i need to make this file and where to make?
Thanks for help!
This is genius! You saved me many hours!
Hello guys, I need your help, please. When I run these classes I get the following error:
"Type error: Argument 1 passed to Tymon\JWTAuth\Blacklist::__construct() must be an instance of Tymon\JWTAuth\Contracts\Providers\Storage, instance of Closure given, called in /home/vagrant/Jobs/Projetos/eas-message-core/vendor/tymon/jwt-auth/src/Providers/AbstractServiceProvider.php on line 249"
in my LoginController I called so:
use App\Http\Controllers\Auth\AuthenticateController as Authentications;
use Sentinel;
.................
// Calls the controller's authenticate() action directly and wraps whatever it
// returns under 'data' with status 200.
// NOTE(review): if this is the authenticate() shown in the gist, it already
// returns a JSON response, including for its 401 and 500 cases, so those
// failures would be re-sent here with status 200. Confirm against the
// controller actually in use.
try{
$user = new Authentications();
$user_admin = $user->authenticate($request);
return response()->json(['data' => $user_admin], 200);
} catch (\Exception $e){
// NOTE(review): \Exception defines getMessage(), not getMessages(), so this
// call fails inside the handler. Sending raw exception text to the client can
// also disclose internals such as the file paths in the error quoted above.
return response()->json(['error' => $e->getMessages()], 500);
}
I use Laravel 5.5 and Cartalyst/sentinel, please help me
unfortunately same here @ngelrojas with laravel 5.5 and sentinel
The same problem @ngelrojas any solution
I had the same problem. Implementing AuthInterface in SentinelAuthAdapter and using Sentinel as the AuthManager in its constructor solved it.
That helped. Thanks!